@@ -1271,3 +1271,103 @@ def test_no_change_to_valid_vers(self):
12711271 self .assertEqual (self .impact3 .affecting_vers , "vers:npm/>5.6.7" )
12721272 self .assertEqual (self .impact3 .fixed_vers , "vers:npm/5.6.8" )
12731273 self .assertEqual (self .impact3 .advisory .advisory_id , "test_adv2" )
1274+
1275+
1276+ class TestAlpineVersSchemeMigration (TestMigrations ):
1277+ app_name = "vulnerabilities"
1278+ migrate_from = "0125_clean_vers_range_without_constraints"
1279+ migrate_to = "0126_use_apk_scheme_for_alpine_vers"
1280+
1281+ def setUpBeforeMigration (self , apps ):
1282+ ImpactedPackage = apps .get_model ("vulnerabilities" , "ImpactedPackage" )
1283+ AdvisoryV2 = apps .get_model ("vulnerabilities" , "AdvisoryV2" )
1284+
1285+ self .advisory1 = AdvisoryV2 .objects .create (
1286+ unique_content_id = "content_id_old" ,
1287+ url = "https://old.example.com" ,
1288+ summary = "Old advisory" ,
1289+ advisory_id = "test_adv1" ,
1290+ avid = "test_pipeline/test_adv" ,
1291+ datasource_id = "test_pipeline" ,
1292+ )
1293+
1294+ self .impact0 = ImpactedPackage .objects .create (
1295+ advisory = self .advisory1 ,
1296+ base_purl = "pkg:apk/foobar0" ,
1297+ affecting_vers = "vers:alpine/<2.3.4-0r" ,
1298+ fixed_vers = "vers:alpine/2.3.4-0" ,
1299+ )
1300+
1301+ self .impact1 = ImpactedPackage .objects .create (
1302+ advisory = self .advisory1 ,
1303+ base_purl = "pkg:apk/foobar1" ,
1304+ affecting_vers = None ,
1305+ fixed_vers = "vers:alpine/2.3.4" ,
1306+ )
1307+
1308+ self .impact2 = ImpactedPackage .objects .create (
1309+ advisory = self .advisory1 ,
1310+ base_purl = "pkg:apk/foobar2" ,
1311+ affecting_vers = "vers:alpine/3.4.5" ,
1312+ fixed_vers = None ,
1313+ )
1314+
1315+ self .impact3 = ImpactedPackage .objects .create (
1316+ advisory = self .advisory1 ,
1317+ base_purl = "pkg:alpm/foobar2" ,
1318+ affecting_vers = "vers:alpm/0.2.1" ,
1319+ fixed_vers = None ,
1320+ )
1321+
1322+ alpine_affecting = ImpactedPackage .objects .filter (
1323+ affecting_vers__startswith = "vers:alpine/"
1324+ ).count ()
1325+ alpine_fixing = ImpactedPackage .objects .filter (
1326+ affecting_vers__startswith = "vers:alpine/"
1327+ ).count ()
1328+
1329+ self .assertEqual (alpine_affecting , 2 )
1330+ self .assertEqual (alpine_fixing , 2 )
1331+
1332+ def test_empty_fixed_vers_cleaned (self ):
1333+ ImpactedPackage = apps .get_model ("vulnerabilities" , "ImpactedPackage" )
1334+
1335+ result_apk_affecting = ImpactedPackage .objects .filter (
1336+ affecting_vers__startswith = "vers:apk/"
1337+ ).count ()
1338+ result_apk_fixing = ImpactedPackage .objects .filter (
1339+ affecting_vers__startswith = "vers:apk/"
1340+ ).count ()
1341+
1342+ result_alpine_affecting = ImpactedPackage .objects .filter (
1343+ affecting_vers__startswith = "vers:alpine/"
1344+ ).count ()
1345+ result_alpine_fixing = ImpactedPackage .objects .filter (
1346+ affecting_vers__startswith = "vers:alpine/"
1347+ ).count ()
1348+
1349+ self .assertEqual (result_apk_affecting , 2 )
1350+ self .assertEqual (result_apk_fixing , 2 )
1351+
1352+ self .assertEqual (result_alpine_affecting , 0 )
1353+ self .assertEqual (result_alpine_fixing , 0 )
1354+
1355+ def test_no_change_to_non_alpine_vers (self ):
1356+ self .impact3 .refresh_from_db ()
1357+
1358+ self .assertEqual (self .impact3 .affecting_vers , "vers:alpm/0.2.1" )
1359+ self .assertEqual (self .impact3 .fixed_vers , None )
1360+
1361+ def test_scheme_migration_correctness (self ):
1362+ self .impact0 .refresh_from_db ()
1363+ self .impact1 .refresh_from_db ()
1364+ self .impact2 .refresh_from_db ()
1365+
1366+ self .assertEqual (self .impact0 .affecting_vers , "vers:apk/<2.3.4-0r" )
1367+ self .assertEqual (self .impact0 .fixed_vers , "vers:apk/2.3.4-0" )
1368+
1369+ self .assertEqual (self .impact1 .affecting_vers , None )
1370+ self .assertEqual (self .impact1 .fixed_vers , "vers:apk/2.3.4" )
1371+
1372+ self .assertEqual (self .impact2 .affecting_vers , "vers:apk/3.4.5" )
1373+ self .assertEqual (self .impact2 .fixed_vers , None )
0 commit comments